package com.bdqn.oauth2gitee.config;

import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.config.oauth2.client.CommonOAuth2Provider;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

import java.io.IOException;

@SuppressWarnings("ALL")
@Configuration
@EnableWebSecurity
public class ProjectConfig {
    @Bean
    SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.authorizeRequests().requestMatchers("/","/main").permitAll();
        httpSecurity.oauth2Login().successHandler(new AuthenticationSuccessHandler() {
            @Override
            public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
                response.sendRedirect("/");
            }
        });
        httpSecurity.authorizeRequests().anyRequest().authenticated();
        return httpSecurity.build();
    }

    @Bean
    ClientRegistration clientRegistration() {
        ClientRegistration cr = ClientRegistration.withRegistrationId("Gitee")
                .clientId("d918b71a58d8c82b7eb0ee6328355acea2eec6c791ca1877a69b0fa945533b27")
                .clientSecret("548e322c4ebddf68430d18f1d31c6e27ad36aa75e0c12ebf2037c8ed7d2da056")
                .scope(new String[]{"user_info"})
                .authorizationUri("https://gitee.com/oauth/authorize")
                .tokenUri("https://gitee.com/oauth/access_token")
                .userInfoUri("https://api.gitee.com/ruanzhao233")
                .userNameAttributeName("id")
                .clientName("Gitee")
                .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
                .redirectUri("http://localhost:8080/main")
                .build();
        return cr;
    }

    @Bean
    public ClientRegistrationRepository clientRegistrationRepository() {
        var c = clientRegistration();
        return new InMemoryClientRegistrationRepository(c);
    }

    @Bean
    WebSecurityCustomizer webSecurityCustomizer() {
        //忽略这些静态资源（不拦截）
        return (web) -> web.ignoring().requestMatchers("/index.html");
    }
}
